From 531a03562dac2e8a5d0e3c76170e24c8e5d4b64b Mon Sep 17 00:00:00 2001 From: Mario Date: Tue, 27 Apr 2021 15:09:27 +0200 Subject: register: new install testing fixes --- Zotlabs/Module/Register.php | 51 +++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 23 deletions(-) (limited to 'Zotlabs/Module/Register.php') diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 601828d5c..99e59dd77 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -61,24 +61,28 @@ class Register extends Controller { */ - $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; - $duty = zar_register_dutystate(); - $is247 = false; - $ip = $_SERVER['REMOTE_ADDR']; - $sameip = intval(get_config('system','register_sameip')); - $arr = $_POST; - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $name = ''; - $nick = ''; - $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); - $password = ((x($arr,'password')) ? trim($arr['password']) : ''); - $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); + $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; + $is247 = false; + $ip = $_SERVER['REMOTE_ADDR']; + $sameip = intval(get_config('system','register_sameip')); + $arr = $_POST; + $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); + $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); + $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); + $name = ''; + $nick = ''; + $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); + $password = ((x($arr,'password')) ? trim($arr['password']) : ''); + $password2 = ((x($arr,'password2')) ? trim($arr['password2']) : ''); $register_msg = ((x($arr,'register_msg')) ? notags(trim($arr['register_msg'])) : ''); + $reonar = []; + $auto_create = get_config('system','auto_channel_create', 1); + $duty = zar_register_dutystate(); - $reonar = []; - $auto_create = get_config('system','auto_channel_create', 1); + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); + } if($auto_create) { $name = escape_tags(trim($arr['name'])); @@ -132,8 +136,9 @@ class Register extends Controller { if ($act > 0 && !$is247 && !$duty['isduty']) { // normally (except very 1st timr after install), that should never arrive here (ie js hack or sth like) // log suitable for f2b also - $logmsg = 'ZAR0230S Unexpected registration request off duty'; - zar_log($logmsg); + $logmsg = 'Unexpected registration request off duty'; + notice($logmsg); + zar_log('ZAR0230S ' . $logmsg); return; } @@ -472,11 +477,11 @@ class Register extends Controller { $other_sites = '' . t('Register at another affiliated hub in case when prefered') . ''; } - if ( !get_config('system', 'register_duty_jso') ) { - // duty yet not configured - $duty = array( 'isduty' => false, 'atfrm' => '', 'nowfmt' => ''); - } else { - $duty = zar_register_dutystate(); + $duty = zar_register_dutystate(); + + if (!get_config('system', 'register_duty_jso')) { + // if not yet configured default to true + $duty = array( 'isduty' => true, 'atfrm' => '', 'nowfmt' => ''); } $invitations = false; -- cgit v1.2.3 From 94f1c001f1fe2cefd17c5d535ec1fcd0e68c8df5 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 28 Apr 2021 13:17:45 +0200 Subject: register: more testing and fixes --- Zotlabs/Module/Register.php | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) (limited to 'Zotlabs/Module/Register.php') diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 99e59dd77..bb87a1933 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -47,7 +47,6 @@ class Register extends Controller { } } - function post() { check_form_security_token_redirectOnErr('/register', 'register'); @@ -64,7 +63,7 @@ class Register extends Controller { $act = q("SELECT COUNT(*) AS act FROM account")[0]['act']; $is247 = false; $ip = $_SERVER['REMOTE_ADDR']; - $sameip = intval(get_config('system','register_sameip')); + $sameip = intval(get_config('system','register_sameip', 3)); $arr = $_POST; $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); @@ -117,19 +116,18 @@ class Register extends Controller { } if ($email) { - if (! preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email)) { + $email_result = check_account_email($email); + if ($email_result['error']) { // msg! - notice(t('Not a valid email address') . EOL); + notice(t($email_result['message']) . EOL); return; } } // case when an invited prepares the own account by supply own pw, accept tos, prepage channel (if auto) if ($email && $invite_code) { - if ( preg_match('/^.{2,64}\@[a-z0-9.-]{4,32}\.[a-z]{2,12}$/', $email ) ) { - if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { - $is247 = true; - } + if ( preg_match('/^[a-z0-9]{12,12}$/', $invite_code ) ) { + $is247 = true; } } @@ -156,16 +154,16 @@ class Register extends Controller { // s2 max daily // msg? - if ( !$is247 && self::check_reg_limits()['is'] ) return; + if (!$is247 && self::check_reg_limits()['is']) return; - if(!$password) { + if (!$password) { // msg! notice(t('No password provided') . EOL); return; } // pw1 == pw2 - if($password !== $password2) { + if ($password !== $password2) { // msg! notice(t('Passwords do not match') . EOL); return; @@ -337,11 +335,11 @@ class Register extends Controller { if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { - $cfgdelay = get_config( 'system', 'register_delay' ); + $cfgdelay = get_config('system', 'register_delay', '0i'); $reg_delayed = calculate_adue( $cfgdelay ); $regdelay = (($reg_delayed) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_delayed['due']) : $now); - $cfgexpire = get_config('system','register_expire' ); + $cfgexpire = get_config('system', 'register_expire', '3d'); $reg_expires = calculate_adue( $cfgexpire ); $regexpire = (($reg_expires) ? datetime_convert(date_default_timezone_get(), 'UTC', $reg_expires['due']) : datetime_convert('UTC', 'UTC', 'now + 99 years')); @@ -583,9 +581,9 @@ class Register extends Controller { // check against register, account $rear = array( 'is' => false, 'rn' => 0, 'an' => 0, 'msg' => '' ); - $max_dailies = intval(get_config('system','max_daily_registrations')); + $max_dailies = intval(get_config('system', 'max_daily_registrations', 50)); - if ( $max_dailies ) { + if ($max_dailies) { $r = q("SELECT COUNT(reg_id) AS nr FROM register WHERE reg_vital = 1 AND reg_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') @@ -594,7 +592,7 @@ class Register extends Controller { $rear['is'] = ( $r && $r[0]['nr'] >= $max_dailies ) ? true : false; $rear['rn'] = $r[0]['nr']; - if ( !$rear['is']) { + if (!$rear['is']) { $r = q("SELECT COUNT(account_id) AS nr FROM account WHERE account_created > %s - INTERVAL %s", db_utcnow(), db_quoteinterval('1 day') ); -- cgit v1.2.3 From 0dd2e9004d0bd2d21a97244cfb37b65d1e2bad41 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 28 Apr 2021 13:21:49 +0200 Subject: do not attempt to translate twice --- Zotlabs/Module/Register.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Register.php') diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index bb87a1933..cafddc175 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -119,7 +119,7 @@ class Register extends Controller { $email_result = check_account_email($email); if ($email_result['error']) { // msg! - notice(t($email_result['message']) . EOL); + notice($email_result['message'] . EOL); return; } } -- cgit v1.2.3 From 36f041a1ffaf7e7eaf32d0dce2dc1a5169544df0 Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 28 Apr 2021 14:23:53 +0200 Subject: cleanup --- Zotlabs/Module/Register.php | 36 ++++++++++++++++-------------------- 1 file changed, 16 insertions(+), 20 deletions(-) (limited to 'Zotlabs/Module/Register.php') diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index cafddc175..2aa66b02c 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -66,8 +66,6 @@ class Register extends Controller { $sameip = intval(get_config('system','register_sameip', 3)); $arr = $_POST; $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); - $invite_code = ((x($arr,'invite_code')) ? notags(trim($arr['invite_code'])) : ''); $name = ''; $nick = ''; $email = ((x($arr,'email')) ? notags(punify(trim($arr['email']))) : ''); @@ -118,7 +116,6 @@ class Register extends Controller { if ($email) { $email_result = check_account_email($email); if ($email_result['error']) { - // msg! notice($email_result['message'] . EOL); return; } @@ -152,19 +149,12 @@ class Register extends Controller { } } - // s2 max daily - // msg? - if (!$is247 && self::check_reg_limits()['is']) return; - if (!$password) { - // msg! notice(t('No password provided') . EOL); return; } - // pw1 == pw2 if ($password !== $password2) { - // msg! notice(t('Passwords do not match') . EOL); return; } @@ -211,7 +201,7 @@ class Register extends Controller { break; } - if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE) ) + if($email_verify && ($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE)) $flags = ($flags | ACCOUNT_UNVERIFIED); // $arr has $_POST; @@ -295,23 +285,24 @@ class Register extends Controller { $icdone = false; // no ivc entered - if ( ! $invonly) { + if (!$invonly) { // possibly the email is just in use ? $reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_email = '%s'", - dbesc('e' . $email)); + dbesc('e' . $email) + ); - if ( ! $reg) - $act = q("SELECT * from account WHERE account_email = '%s'", dbesc($email)); + if (!$reg) { + $act = q("SELECT * from account WHERE account_email = '%s'", + dbesc($email) + ); + } // in case an invitation was made but the invitecode was not entered, better ignore. // goaway(z_root() . '/regate/' . bin2hex($reg['email'])); - if ( ! $reg && ! $act) { + if (! $reg && !$act) { // email useable - $well = true; - - } else { $msg = t('Email address already in use') . EOL; notice($msg); @@ -331,6 +322,12 @@ class Register extends Controller { } + // check max daily registrations after we have dealt with the invitecode + if (self::check_reg_limits()['is']) { + notice('Max registrations per day exceeded.'); + return; + } + if ($well) { if($policy == REGISTER_OPEN || $policy == REGISTER_APPROVE ) { @@ -454,7 +451,6 @@ class Register extends Controller { } - function get() { $registration_is = ''; -- cgit v1.2.3 From ec7166eb00e4e52e260ceb695ecf26c9ca43262e Mon Sep 17 00:00:00 2001 From: Mario Date: Wed, 28 Apr 2021 19:38:43 +0200 Subject: fix manual fetching of non-ascii domains --- Zotlabs/Module/Register.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'Zotlabs/Module/Register.php') diff --git a/Zotlabs/Module/Register.php b/Zotlabs/Module/Register.php index 2aa66b02c..56d3f2d22 100644 --- a/Zotlabs/Module/Register.php +++ b/Zotlabs/Module/Register.php @@ -280,15 +280,13 @@ class Register extends Controller { return; } - } else { - $icdone = false; // no ivc entered if (!$invonly) { // possibly the email is just in use ? $reg = q("SELECT * from register WHERE reg_vital = 1 AND reg_email = '%s'", - dbesc('e' . $email) + dbesc($email) ); if (!$reg) { -- cgit v1.2.3